WordPress Vulnerability Report — July 3, 2024

In Since last week, 223 new vulnerabilities emerged in the WordPress ecosystem including 3 in the WordPress core, 35 in themes and 185 in plugins. 41 of the vulnerable plugins and themes remain unpatched.

Along with poor user account security, vulnerable plugins & themes are one of the main reasons WordPress websites get hacked, so run those updates

Unfortunately, cyberattacks are increasing in volume and sophistication. They’re also increasingly aimed at small to mid-sized businesses.

WordPress Core

  • WordPress ver 6.5.5 addreses 3 vulnerabilities

WordPress Themes

Themes With No Fix/Patch Available

Disclosed vulnerability(ies) have not yet been patched. You should switch the theme if no fix is forthcoming.
  • Anima
  • Infinite Photography
  • Boot Store
  • Grey Opaque
  • Mosaic
  • Schema Lite
  • Scylla lite
  • Silesia
  • Theron Lite

Themes With A Fix/Patch Available

Disclosed vulnerability(ies) have been patched. You should update to the latest version.

  • Ashe
  • Benevolent
  • Blocksy
  • Blossom Shop
  • Coachify
  • Elegant Pink
  • Esteem
  • Hestia
  • Highlight
  • JobScout
  • Mesmerize
  • NewsMash
  • Newsmatic
  • OnePress
  • Perfect Portfolio
  • Preschool and Kindergarten
  • Travel Agency
  • Travel Monster
  • Trendy News
  • Basil
  • The7
  • Foxiz
  • Goya
  • Striking
  • Woffice

WordPress Plugins

Plugins With No Fix/Patch Available

Disclosed vulnerability(ies) have not yet been patched. You should deactivate the plugin(s).
  • SEO SIMPLE PACK
  • NextScripts: Social Networks Auto-Poster
  • ARI Fancy Lightbox – WordPress Popup
  • BSK PDF Manager
  • PDF Viewer
  • Logo Manager For Enamad
  • WP Directory Kit
  • Pagerank tools
  • Animated AL List
  • Simple AL Slider
  • Widget4Call
  • All In One Redirection
  • Auto Featured Image
  • Bible Text
  • Bookster
  • ContentLock
  • Floating Social Buttons
  • Frontend Checklist
  • Gallery Slideshow
  • jQuery T(-) Countdown Widget
  • Mime Types Extended
  • Muslim Prayer Time BD
  • Ninja Beaver Add-ons for Beaver Builder
  • PDF Viewer for Elementor
  • Simple Photoswipe
  • Simply Show Hooks
  • Spotify Play Button
  • Video Widget
  • WebP & SVG Support

Plugins With A Fix/Patch Available

The vulnerability(ies) have been patched. You should update to the latest version.

  • Contact Form 7
  • Elementor Website Builder
  • WooCommerce
  • Elementor Header & Footer Builder
  • ElementsKit Elementor addons
  • File Manager
  • Easy Table of Contents
  • SiteGuard WP Plugin
  • Happy Addons for Elementor
  • Gutenberg Blocks with AI by Kadence WP
  • PixelYourSite – Your smart PIXEL (TAG) & API Manager
  • PDF Embedder
  • SEOPress
  • Elementor Addon Elements
  • Advanced File Manager
  • HT Mega
  • Pods
  • Stackable – Page Builder Gutenberg Blocks
  • The Plus Addons for Elementor
  • WP Chat App
  • Defender Security
  • Slider & Popup Builder by Depicter
  • Email Subscribers by Icegram Express
  • EmbedPress
  • Events Manager
  • Featured Image from URL (FIFU)
  • LearnPress
  • WP Mobile Menu
  • Paid Memberships Pro
  • Permalink Manager Lite
  • The Post Grid
  • Tutor LMS
  • WP Maps
  • 3D FlipBook
  • Media Library Assistant
  • Page and Post Clone
  • Exclusive Addons for Elementor
  • Form Maker by 10Web
  • Sina Extension for Elementor
  • Ultimate Blocks
  • DethemeKit For Elementor
  • Interactive Content – H5P
  • PowerPress Podcasting plugin by Blubrry
  • Quiz and Survey Master (QSM)
  • Void Contact Form 7 Widget For Elementor Page Builder
  • Cost Calculator Builder
  • Easy Google Maps
  • PDF Poster
  • Portfolio Gallery
  • Rife Elementor Extensions & Templates
  • Gallery Blocks with Lightbox
  • Twenty20 Image Before-After
  • Ad Invalid Click Protector (AICP)
  • Branda
  • Conversios
  • Funnel Builder for WordPres
  • by FunnelKit
  • PDF.js Viewer
  • Quiz Maker
  • Ultimate Post Kit Addons For Elementor
  • UsersWP
  • E2Pdf
  • Easy Affiliate Links
  • Cookie Consent for WP
  • AI Power: Complete AI Pack
  • HTML5 Audio Player- Audio Player Plugin
  • Mailster WordPress Newsletter Plugin
  • Mega Elements – Addons for Elementor
  • Simple Newsletter Plugin – Noptin
  • All-in-One Addons for Elementor – WidgetKit
  • Wonder PDF Embed
  • WP Photo Album Plus
  • WP Server Health Stats
  • Motors – Car Dealer, Classifieds & Listing
  • PowerPack Lite for Beaver Builder
  • Create by Mediavine
  • ProfileGrid
  • Print My Blog
  • Ultimate Bootstrap Elements for Elementor
  • WPCafe
  • Beaver Builder Addons
  • Easy Image Collage
  • AWSM Team
  • Patreon WordPress
  • Social Rocket
  • Stock Ticker
  • Visual Website Collaboration, Feedback & Project Management
  • Cards for Beaver Builder
  • Chained Quiz
  • Cowidgets
  • CRM Perks Forms
  • WordPress CRM, Email & Marketing Automation for WordPress | Award Winner
  • Online Booking & Scheduling Calendar for WordPress by vcita
  • WP Secure Maintenance
  • Church Admin
  • Enter Addons
  • Extensions for Elementor
  • Photo Gallery by Ays
  • IdeaPush
  • Login with phone number
  • Newspack Newsletters
  • PayPlus Payment Gateway
  • Post Meta Data Manager
  • SuperSaaS
  • Tainacan
  • WP Timetics
  • WP-Lister Lite for Amazon
  • The Ultimate WordPress Toolkit
  • Zita Elementor Site Library
  • Progress Planner
  • Advanced Custom Fields PRO
  • ARMember Premium
  • BLAZE Retail Widget
  • Bricks Builder (Premium)
  • Contact Form 7 Multi-Step Addon
  • Elementor Pro
  • Blocks Pro
  • Masterstudy Elementor Widgets
  • Newspack Ads
  • Newspack Blocks
  • Newspack Content Converter
  • Newspack Campaigns
  • Slider Revolution
  • Seo Optimized Images
  • Social Warfare
  • Uber Menu
  • Ultimate Addons for Elementor
  • Uncanny Automator Pro
  • Uncanny Toolkit Pro for LearnDash
  • TrustedLogin Vendor
  • Woffice Core
  • WP Job Manager – Resume Manager
  • Wrapper Link Elementor

Looking for peace of mind and less tech stress?​

Security, performance, backups, privacy, and much more – the list of tasks needed to keep your website performing at its peak can seem overwhelming and time-consuming.

Signup for one of our website care/management plans and get a tech-savvy team who are committed to your business.

Never worry about your website again.

Let Us Help You

How Do I Update WordPress?

Run a full backups of your website using the backup plugin you have installed -or- using the backup feature your web host provides.

Ideally you test major functions – like ecommerce, elearning, membership functionality on a staging server first. If you site is “heavily” customized, you should also test in a staging environgment first.

Perform your updates in the order of WordPress – Theme(s) – Plugin(s). Ideally you are making note of the before and after versions.

After completed, perform a visual inspection of your site and test critical functionality that may have been affected – contact forms, subscription buttons, purchasing etc.